I program in Python as a hobby and this week I decided to write a program that generates 16 character long passwords. I wrote this program as a class, which i rarely do. Because of this I think I still have a lot of room to improve with the setup and build of the class. I wrote this to use for my work and it's (fully) operational. The program will ask for a name, create a password and write both of those to a text file for later use (I work in IT and create accounts with passwords). Can anyone please tell me how I can improve my code? Please note that I rarely write programs as classes, as I'm not very good at programming.
import string
from tkinter import *
from tkinter import messagebox
import random
class psswrd_maker:
"""""
this is a password generator that shows the password in a tkinter box. It's probably not a very well written
program, but I rarely use classes to make programs because i'm not very good at programming but here goes nothing!
I wanted to bring the made password back to the original tkinter screen first. However, I couldn't manage
to do so because I'm not that great.... the passwords are passed with name to a txt file for further handling
"""""
def __init__(self, master):
#creating my box here
#realised too late that maybe i shouldn't have done this in init but in a seperate class?
#tried to fix it but that ruined the program, so it's stuck in init i guess
#entry had to be packed seperate, otherwise i couldn't use the .get() function (remember this!!)
self.master = master
self.master.geometry('400x100')
self.master.title('Awesome Password Generator V1')
self.name = Entry(master)
self.name.pack()
self.generator = Button(master, text='press to generate password', command=self.generate).pack()
self.leave = Button(master, text='press here to quit', command=self.leave).pack()
master.mainloop()
def leave(self):
#simple way to quit app (don't need it but i like it)
quit()
def writeinnote(self, name, password):
#wrote evrything to a txt file for convienence and because i can't get the password in the tkinter box
#turned everything into a single string to make it look better and convienence
all = 'name: ' + name + ' ' + 'password: ' + password + '\n'
new = open('passwords.txt', 'a+')
new.write(all)
#wrote a messagebox because the program is a little buggy sometimes (god knows why)
#if the message is not shown im certain something went wrong (i hope)
messagebox.showinfo(title='succes!', message="written to text file 'passwords.txt'")
def create_params(self, alllist='*'):
#create characters used in the password
#left out some characters because users sometimes confuse them (see bannlist)
self.alllist = alllist
lowerlist = list(string.ascii_lowercase)
upperlist = list(string.ascii_uppercase)
letterlist = [1, 2, 3, 4, 5, 6, 7, 8, 9]
charlist = ['!', '@', '#', '$', '%']
alllist = list(lowerlist + upperlist + letterlist + charlist)
bannlist = ['o', 'O', 'l', 'i', 'I']
for i in alllist:
if i in bannlist:
alllist.remove(i)
return alllist
def generate(self):
#make an empty list for a word to later change it to a full string
TheWord = []
parameters = self.create_params()
#add 16 chars in a list and convert it to string
#there's probably a better way to do this but this is the way i know
for i in range(16):
secret_letter = random.choice(parameters)
makestr = str(secret_letter)
TheWord.append(makestr)
self.word = ''
for i in TheWord:
self.word += i
#get the name entry to connect it to a password
self.entry1 = self.name.get()
#start writing values to file for later use
self.writeinnote(self.entry1, self.word)
#create window seperate because that was easier
window = Tk()
psswrd_maker(window)
Any input is welcomed as I want to learn this as well as possible!
-
\$\begingroup\$ It's fine that you've written this to learn, but it's very important that you not use it for work for security reasons. \$\endgroup\$Reinderien– Reinderien2022年04月05日 13:56:03 +00:00Commented Apr 5, 2022 at 13:56
1 Answer 1
It's probably not a very well written program
It's a little more complicated than that (as is so often the case with security). For a beginner it's a good start, but it's not safe for production use - so it's really inappropriate to use at work. You're better off with a commercial or at least well-established open source password generator and management suite.
It's important that you do some reading about other very similar questions that have attempted this, since beginners fall into the same series of traps:
- Don't use
random; usesecrets - Depending on application, pass phrases are often more appropriate than passwords
Your passwords.txt is opened in append mode but there's no attempt at ensuring that it's permissions-protected (i.e. octal 600 in Unix filesystems). It's not a great idea for the default output of this program to be a plaintext file on the disk. Generally, plaintext passwords should only exist in memory, and only temporarily.
-
\$\begingroup\$ Thanks for the input! After I used this program I'm immediately deleting the txt file with the passwords and all users have to change it after filling it in once. It's more that I don't have to fill in every user by hand anymore because I'm lazy \$\endgroup\$liteversion– liteversion2022年04月05日 15:02:46 +00:00Commented Apr 5, 2022 at 15:02
-
\$\begingroup\$ "Immediate deletion" isn't good enough. Unlinked files leave data on the disk, and depending on your filesystem, for however long the file exists on disk it may be visible to other users - or malicious processes running as your own user. \$\endgroup\$Reinderien– Reinderien2022年04月05日 16:49:00 +00:00Commented Apr 5, 2022 at 16:49
-
\$\begingroup\$ There's a reason that secure deletion protocols exist \$\endgroup\$Reinderien– Reinderien2022年04月05日 16:55:25 +00:00Commented Apr 5, 2022 at 16:55
-
\$\begingroup\$ Ok, so you guys convinced me that it's a stupid idea to actually use this in the workplace. Could I get some pointers on the program itself though? I really want to improve writing in classes. \$\endgroup\$liteversion– liteversion2022年04月07日 08:29:46 +00:00Commented Apr 7, 2022 at 8:29
Explore related questions
See similar questions with these tags.